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Communications via the Internet 


Pretty much all internet communication is or can be monitored by the authorities. Certainly, once 
you're identified as a dissenter, everything you do will be watched. 

This section lays out ways to work within this environment and ways to, in some cases, get around 
the overseeing eyes of Big Brother. 

Google CEO Eric Schmidt said "Internet users shouldn’t worry about privacy unless they have 
something to hide.” 


Using Email Securely 


While access to internet cafes or other public access point maybe monitored (CCTV will hardly 
ever be noticeable), if you pay by cash and use a disposable one time email address like hotmail or 
gmail it is very unlikely that your identity will be pin pointed. This is obviously only useful if the the 
recipient is not in danger of being compromised or if you can agree predetermined times to communicate 
using *disposable email addresses and public machines at each end of the communication. What will be 
noticed is if you are under investigation stop using your old email address, make new accounts, and then 
continue to email your family and friends as normal, do you think it will be hard to figure out who that 
new account belongs to? Using encryption will raise eyebrows but does protect your communications 
and if you are using public key encryption you can also verify the sender's identity. 


Looking at Web Pages Securely 


Remember that while you are looking at web pages all kinds of information may be free to leak into 
your mind and even your soul. Check that you are conscious of this at all times. If possible use an ad 
blocker and make sure you do not look at web pages when you are tired or under the influence of any 
medication that may reduce your consciousness. Even the most legitimate looking and well designed 
web page may well contain information that is either completely incorrect or deliberately misleading. 

Your browsing probably follows a pattern to your favorite news, sports, email, and other sites. With 
the right software or if the ISP is watching this browsing pattern can be detected potentially flagging 
persons of interest for either enhanced surveillance or sending your location to the police. 

You can hide this using a mix proxy like Tor (http7 /torproject.org/) . Used to be sponsored by Navy 
labs and later EFF, is open source though. There are also good guides on securing your web browser 
for use with it out there. Make sure your real identity is never possible to link to your pseudonym and 
you should be safe. 

Freenet (http://freenetproject.org/) is used by all kinds of people to share static information like 
pages and files. More limited than Tor. (no exit into normal web) Best used for massive files. 

12P (http://www.i2p2.de/) is a system similar to Tor, but more closed. (most nodes aren't exits into 
the web) It is more suited than Tor for massive file transfers, P2P style. There's a good BBS app called 
Syndie for it. 

General notes about anonymizing systems 

Some forums and pages block these proxies due to jerk abuse and they may be used by some unsavory 
child pornography sharers. Don’t get involved with that and keep all the “hot” data encrypted, so that 
pigs cannot put incriminating evidence. 


Social Networks & IM (Instant Messaging) 


Although fun and even useful, be aware that social networks can expose your personal details to 
other people, and is to be considered as a constantly government monitored method of determining 
who you communicate with even casually. Make sure you understand what you are sharing with whom. 
Many services by their nature allow many people even the whole of the internet to see the message you 
thought you just sent to a friend. Educate yourself and be aware. 

IM tends to be more unambiguous but like email is inherently not secure or private and is mostly 
monitored or at least archived. 

If you need to use Yahoo Messenger but don't want to download it to the computer you're using, 
there is a web based version at http: //web.im. 


Google Mail's IM is monitored well and automatically. Don't trust it. The good part is that it uses 
an open IM called Jabber, which there are many other servers of. Try http://jabber.org for a list of 
servers and apps. It's fairly hard to find people there except by asking directly. 


Encryption 


While it is fairly trivial to install miitary/diplomatic grade free open source email encryption 
on any personal computer like http://www.gnupg.org/ GNU Privacy Guard for windows or http:// 
www.pgpi.org/ for other platforms, it is only as good as your personal security habits. It may be dif- 
ficult to impossible for security agencies to crack your encryption in your lifetime but there may well 
be ’back-door’ access that you don’t know about, especially if you run a closed source OS or have 
compromised hardware. Considering all of the risks besides just the encryption you can only consider 
this to be a way of hopefully slowing down third party access to your private information. If any third 
party wants access to your information they may feel the quickest way is to "persuade' you to hand over 
your encryption keys. 

see Crypto ( http: / /wiki.stealthiswiki.org/wiki/Internet-Communicationsj¿Crypto:) section below. 


Flash Burns 


Most of us are smart enough to use TOR and other privacy services especially when operating in 
the sketchy bits of the net. With the popular rise of flash on websites there is a bigger problem, LSO’s 
or flash cookies which stay alive even when you wipe all of the cookies from your browser. To say it 
another way, you can turn on tor and wipe your browser cookies and history but da’ man at (google 
owned) youtube still can ID you as the same guy who logged into gmail 15 min ago. A cookie is a 
small file a website sends to your browser so it can ID you as you visit other sites or return, google and 
doubleclick are famous for tracking users with traditional cookies. You can just install a flash blocker 
plugin if you use firefox, never install/uninstall flash, or if you love to flirt with danger add a LSO 
wiper plugin. Many websites are built with flash and wont work without flash installed, we suggest just 
avoiding these pages because Flash Sucks!! 

It is recommended to use NoScript (with flash on click even for trusted sites), some cookie manager 
and BetterPrivacy (LSO wiper) when dealing with flash. There’s also a trick to increase your privacy on 
Linux: edit /etc/adobe/mms.cfg. On WinXP and below, C:\Documents and Settings\username\mm.cfg 
, on Vista/7 C:\Users\username\mm.cfg - if the file doesn’t exist, create it. There are a few settings that 
may improve privacy of Flash somewhat. Especially important is DisableDeviceFontEnumeration=1 as 
it’s an easy way to build a profile, as well as DisableSockets=1 which can otherwise skip anonymising 
proxies. Flash won’t ask about these two breaches by default, unlike others (such as local file read, 
webcam and microphone). You can disable LSOs there as well. 


Remember Pattern Matching 


Remember that in general the pattern of your web browsing and email contact just like the pattern 
of your phone calls and credit card transactions will be much more telling than individual records. Just 
in the way that Credit card companies will now automatically notice if your spending goes outside the 
norm either in geography or amount it is certain that electronic communication can be monitored easily 
in the same way and act accordingly. 
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Email - What it is and isn’t! (and thoughts 
on security) 


Email is short for electronic mail. Now that we have email, email users refer to regular mail — 
received via the Post Office — disparagingly as Snail Mail. Inherent in its form, is its speed. When you 
send a letter through snail mail it can take days to arrive. When you send an email it arrives in the 
recipient's "email box” (inbox) nearly immediately. The only delay being the time it takes for the sender 
and recipient's email servers and the recipient’s email client to synchronize with one another. 

There is another difference though, (every rose has a thorn, right?) while snail mail arrives days later 
and doesn’t run on Sundays it does require the use of tangible resources such as paper and stamps. It 
does have one benefit that email doesn’t — it’s usually in a sealed envelope. So speed or security. Oh, 
and email is probably massively less hungry on resources... 

In practice, the only thing stopping your postal carrier (or any one of the various postal workers who 
touch your envelope from the time it’s picked up to the time it’s delivered) from opening and re-sealing 
your mail is the law of your country (but when did that stop anyone?). When it comes to email, they 
are still figuring out how to handle it from a legal perspective. Recent court decisions have tended to 
side with privacy advocates when it comes to who can read your email, how it is obtained and the 
responsibilities of the Internet Service Provider (ISP). 

On the other hand ISP whistle-blowers have informed the public that media companies such as 
AT&T who provide you with your internet service wasted little time in responding to the government’s 
request /demand for access to its data and voice lines. If you are using email you should expect the same 
kind of privacy you have when you are browsing the internet: None. Assume that someone is reading 
your email and assume that someone is watching all of your internet activity. 

Don’t communicate important or sensitive information through email. Once you’ve established 
groups of people or partners in actions, only use email when absolutely necessary. You should be 
similarly concerned about talking on the phone, but somewhat less so. The bottom line is that the only 
secure methods of communication involve direct conversations and sealed envelopes. But if there is a 
reason for the government to suspect you of illegal activities (read: anything they don’t want you to do 
for any reason), then you should be careful on the phone and using snail mail just as you are careful 
with email. 

Email can still be a good way to share reference material or for bringing people together. Still, be 
careful with it. Don’t give your email address to anyone unless you know them or are confident in 
their security. When you sign up for access to sites on the web that require log-ins, read their privacy 
statements and never provide your email address, even to a person or a party appearing to represent 
your ISP. Don’t even give your email password to your friends or family. Don’t use your email to store 
important information or personal files on financial or other personal information — save it locally on 
your computer and/or print it out for your files. If something arrives in your email inbox that might be 
necessary for someone else to be able to access in an emergency, or if you are unavailable — temporarily 
or otherwise — then it doesn’t belong only in your email inbox. 

You should know that the content of your emails are actually less useful to an investigator than 
who you are in contact with, when you are sending, and from where. You can hardly claim to not know 
someone with whom you have regular or even sporadic email contact. 
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The Bottom Line... 


The bottom line is that your email inbox is yours and yours alone, Email offers a efficient and easy 
means of communication for people with access to it but it’s also easily vulnerable to access from the 
outside. Treat it appropriately, and treat it with respect. 

The first place any cop or PI will go is your email and social networking profile. Months can go by if 
you are planning something with your friends on email without any indication that it's being accessed 
illegally, you can let your guard down, believing that you are speaking in private and then suddenly, 
without warning, you're being hauled into jail and your computer is taken as evidence against you. 


You might not have done anything, but that doesn't matter. We no longer live in a society where 
the government allows free speech if we ever did. But hell, governments never never stopped anyone 
doing anything. 

Even the suggestion of the idea of a notion of an intangible threat is enough to put you away. And 
the more innocent you are, the more likely you are to be tortured — cops, especially the feds, don't like 
to be wrong, and it should be obvious to anyone who reads the news that the government will stop at 
nothing to get what it wants or to make it appear like it has what it wants. Don't let your own email 
be your undoing. Use it with respect and caution. 


Webmail 


Webmail is now cheap and plentiful. Just remember that the contents are readable by anyone that 
your company wants to give access to, even if you have deleted the messages; many services just make 
them invisible to you while still keeping a full archive for the cops. If you are ever in jail or any 
institution, make a new account and don't email anyone but non-activist friends and family, as your 
email and surfing will always be watched. 

When using webmail (or generally browsing), try to use a browser like Firefox, which has many 
extensions that are perfect for hiding/deleting/encrypting your history or your searches or your email 
content. 


Free email sites 
Most everyone and their dog does free email now. Here are some of the big ones: 


e Yahoo Mail (http7/www.mail.yahoo.com/) 


Mail.com (http7/www.mail.com/) 


Hotmail (http7/www.hotmail.com/) 


Google mail (http7/www.gmail.com/) 


The Hedge-Hog (http7/www.hedge-hog.com/) 
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e Freenigma (http7/www.freenigma.com/) is a Firefox extension for encrypting emails from Yahoo 
or Gmail. 


e GuerillaMail (http: //www.guerrillamail.com/) provides free temporary email addresses. These 
expire in an hour, and are useful for signing up to a website when you don't want to give your 
real email address. It is recommended, however, that you simply acquire an email from one of the 
main email hosters and use that as a spam address which you only check for registrations, and 
only give your real email to real people. 


Local Email 


Local download or POP3/SMTP email is the original way to get your email, but your information 
is downloaded and saved on your hard drive by default. Everything you send and receive, in addition 
to sometimes being archived by the email server in the same way that webmail works, is also stored on 
your drive. 

The files are deleted from the server and saved on your computer. Often, emails remain on server 
backup for some time even after you retrieve and delete them. Unless you encrypt your email archives 
all of these emails are readable by a pig who gets his hands on your laptop. 

Whether using local email or webmail, your emails are kept on a server for some amount of time. 
ANY and ALL internet communication can be intercepted or monitored. 
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How to Post Information on the Web 


Domain Name 


If you plan to do any web publishing of any type register and own your domain name. We own the 
stealthiswiki.org domain, meaning that reactionary companies cant just pay off a hosting company to 
take our web address. Many hosting companies give you a free taste of the domain, and will rent it to 
you but if it is not in YOUR NAME you dont own or truly control it. You can ask people what happens 
when the hosting company goes bankrupt where the domain name went, that domain name is the only 
way most everyone knows how to access you on the net. A whois lookup should return your information. 

The top level domain for the small island territory Tokelau, .tk, link (http: //www.dot.tk/en/in- 
dex.html?lang=en) will provide free domain names. However, there are severe restrictions on your use 
of free speech. Content involving drugs, sex, firearms, hate speech, and copyrighted material is banned, 
leaving nothing interesting left. 

Afraid.org (http://freedns.afraid.org/zc.php?from=L21lbnUv) provides free subdomains on catchy 
domain names like chickenkiller.com, crabdance.com and sexypenguins.com. 

Some URL shorteners support custom URLs. This won’t change the domain name of your site, but 
it can provide an easy url to remember to get there. 


Keep It Simple 


Not everyone has a cable modem, DSL or dedicated T1 line. When designing a website or other web 
presence, consider making a low graphics or even graphics-free version for folks using dial-up services 
or overloaded proxy services. If you’re running a web radio station, consider a Low-Fi audio feed. For 
the truly security cautious Flash, Java and Javascript plugins are all problems as are other plugin type 
website gadgets. Give viewers the option of viewing a straight HTML site with normally linked pictures 
and downloads. Test your site in Internet Explorer, Links, LYNX, Firefox/Mozila, Konqueror, Opera, 
and mobile phone browsers and almost everyone should be happy. 


Podcast 


Have an outline and basic script for any monologues before you start to record. Be sure to research 
your guests and have questions ready. It is a good idea to send the questions to the guest so they 
sound intelligent, unless you are planning an ambush. Use the program audacity to record and convert 
to mp3 , get a good microphone, a telephone recording attachment is good for phone in guests. A 
basement or interior room which gets no noise from the outside with blankets hung on the walls and 
ceiling and carpeted floors absorbs most noise. Turn off furnaces or other appliances which could come 
on suddenly and cause noise for the duration of your recording session. Go through afterwards and do 
post production to wipe out parts that are not interesting or dead air gaps, It is best to edit down to 
standard times, half hour or an hour, break up into several mp3’s if you want to do a giant recording 
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session. Always have someone else listen to the show before putting it on the net, preferably someone 
not overly familiar with the topic. Be sure to research carefully your file host, for many people once 
they set up the RSS feed they will have trouble following you if you switch hosts, especially if you forget 
all the places you advertised. There are some really free providers like http://www.ourmedia.org/ and 
some good searching will turn out more but be careful that you are not just signing up with a place that 
will start charging once you get popular. Some of the best free hosts require you use a free distribution 
license like we do at Steal This Wiki for the files they host, this is mostly to prevent successful shows 
from suing for royalties later. You can do this all with the cheapest netbook and an internet connection, 
advertise with stencil paints and wheatpasted posters. check out Public Speaking, and Guerrilla Radio 


Social Media 


The new buzz words for the democratisation of communication and news media. While traditional 
news media like newspaper and TV are ’one to many” hierarchical structures Micro/mobile blogging 
and regular blogs allow citizen journalists to add their collective voices to a more democratic process. 
While the obvious bias of legacy? news media in contrast, becomes more apparent, many people realise 
they can scan the blog news feeds and make up their own balance view of ’reality’. 


Blog éz Micro Blogging 


There are many free blog sites which have many options. Most now have an option to post via SMS 
and email. If you want a regular readership, be sure to post on a regular basis (at least once a week). 


Popular Blogging Services 


Blogger (http7/www.blogger.com/) Hosted for you for free. Part of the Google empire (for good or 
evil?). 

WordPress.com (http://www.wordpress.com/) Choice of hosted of download the software and run 
on your own server. 

MySpace (http://www.myspace.com/) Hosted Heavily monitored by the US Government and owned 
by Rupert Murdoch’s News Corporation (The goons who run Fox News) 

Xanga (http7/www.xanga.com/) 

LiveJournal (http: //www.livejournal.com/) 

Tagworld (http7/www.tagworld.com/) 


Micro Blogging Services 


Mostly known by the biggest of the pack which is currently (Aug 08) Twitter ( http7/twitter.com/) 
. Allows you to post a SMS length text message from anywhere that is in some way connected to the 
internet. This includes to and from most modern mobile (cell) phones. You can choose who can see your 
postings; either people you approve, just the recipient or anyone. This combined with GPS and camera 
equipped mobile phones allow posts to be tagged and linked to location and photographs. 

More about Twitter on Wikipedia (http: //en.wikipedia.org/wiki/Twitter) 
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Social Networking Sites 


Now massively popular social network sites connect people with their peer group, relatives and 
social contacts. Most services are aimed at niche markets: Bebo for tween to teen market, MySpace and 
Facebook for older teens to third level and Linkedin for professionals. Just to be clear even having a 
social networking account even if you only use it to browse your friends pages is serving your friends 
and people who can help catch you to the cops, to quote Admiral Akbar "It's a TRAP”, ignore those 
LinkedIn and facebook invitations and discourage friends from sending them. 


All provide a locked in network that tends to tie users into their branded ringfenced domains by 
allowing users to invest large amounts of energy in tending their online ’profiles’. In most cases it becomes 
very hard for users to extract or migrate this data and the network of contacts that users develop as 
the actual data is masked from view, it is also impossible to delete, ever. Large privacy concerns and 
the ambiguity of what profile information is publicly shared or available to private investigators for a 
price makes use by inexperienced vulnerable people inadvisable. Treat with caution since this is the 
first place the cops will look for interrogation leads after hauling you in for questioning or tracking you 
down. For those sneaky types out there know that just making a new account when you run off to the 
caves of Azerbaijan to hide out will not protect you, by communicating to your old family and friends 
you make a match to your old life, very easy for any investigator private or police to follow. 

If you need to cure your facebook addiction, a userscript like: 

// =UserScript= 

// @name fuck facebook 

// Q@namespace fuck facebook 

// @description fuck facebook 

// @include .facebook.com/ 

// =/UserScript= 

location. href =” http: //wiki.stealthiswiki.org/index.php?title=Internet_Communications¿Social_ Networking Site 
facebook.”); 

The still-in-pre-alpha social network Diaspora, when released, will let individuals host their own 
"seeds” in order to protect privacy. It may be a viable alternative to Facebook for those concerned about 
their privacy. 


College or Personal Web Space 


Most colleges and some ISP’s give webspace and a shell account when you register. An account for 
low bandwidth sites will be a fine option, but if your site becomes hot quickly, you could be shut down 
or charged for bandwidth usage. 


Bittorrent 


The bittorrent protocol allows for easy downloading of large files, as well as easing the dissemina- 
tion of your own stuff. Using torrents and tracker websites, you can find almost anything from the 
latest movies and games to applications and operating systems. The bittorrent protocol uses your up- 
stream bandwidth to re-share the content as you are downloading, decentralizing the total downloading 
infrastructure. 

Consider using PeerGuardian or similar block list software if you download unlicensed content 
through P2P networks. This may protect you from being profiled by known and suspected copyright 
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license collection organizations that are known to use questionable legal intimidation tactics as well as 
blocking many torrent polluters which send out bad chunks which cause longer downloads as you have 
to re try many parts of your file. 


Photohosting Sites 


Photo hosting sites are an easy way to distribute or share photos.. Be sure to read the terms and 
conditions to be sure you retain rights and ownership if that is important to you, you will also want to 
research the takedown policy for controversial content. Here are a few sites http: / /www.photobucket.com 
http: //www.imageshack.us http: //www.flickr.com Flickr 

Perhaps the most user-friendly photohost is the newcomer www.imgur.com, which aims for simplicity. 


Photo File Security 


Remember kids, your camera does leave a digital fingerprint the cops can follow, strip the EXIF 
data from all photos before posting so they are less easily traced. In Linux install the program jhead 
which edits the JPEG image file headers, in command line type 

jhead -de * 

in your photo directory and date and camera information for all of the .jpeg and .jpg files will be 
stripped. If you are a Windows or Mac user just select and copy the part of the pic you want to the 
clipboard, then paste into a paint program and save. 

Your cameras pixels also leave a fingerprint, there has been some work eliminating the background 
uniform pixel noise from cameras by adding a random pixel shading to pictures. If you plan to photo- 
graph for radical causes it is wise to use a different camera than the one you use to post family photos 
on flickr. 


Indymedia 


Indymedia is a news site for an alternative viewpoint. It is a very activist source and covers activist 
news. 

Many news sites now include a discussion area at the bottom. This is usually not read by the regular 
news viewer and is mostly a place for debate between posters. 


Video on Torrent or Video sites 


Video of police violence, corpgov malfeasance, or active resistance can be posted to video viewing 
sites or to bittorrent location sites. YouTube which has been bought by Google Video are basic sites 
for this, as they offer a huge number of viewers, but you may be more easily prosecuted if the pigs 
want to sue the video of them off of the web. Youtube will delete videos of police or other violence it it 
exceeds their acceptable policy. Liveleak and other video sites get less traffic but have more open terms 
or service. 
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Vagabond Video 


Perhaps you want to waste brain cells and watch CorpGov TV shows and movies off of the net like 
everyone else does, but what if you don't have a regular net connection, or even more difficult not even 
a laptop just a PDA, wifi smartphone, or video player? If you either have a friend with a computer or 
access to a server shell account with the right software installed you can use the programs mencoder 
or ffmpeg to encode for playback on your PDA, these are available for most Linux distros and Apple 
OS-X, there are also programs to do this on Windows. 

Many Linux and Unix distros for various legal reasons now ship with stripped media encoding/de- 
coding libraries and software but have a gray market partner which can be added to the software sources 
file to permit adding the full free and insane media ripping capacity back, for example Ubuntu users 
can use medibuntu software repositories http: //www.medibuntu.org/ and Mandriva has the Penguin 
Liberation Front plf.zarb.org/packages.php 

One of our writers only has a PDA so she finds a WiFi hotspot, logs into her server account halfway 
across the globe, starts a screen(screen is a very useful unix/linux program that keeps a terminal 
session running even when you disconnect) session so she can log out and the work will continue, and 
uses bittorrent on the command line to download the file to her server account. It should be easiest 
to grab the weblink for the torrent file from your computer or PDA web browser and past it into 
the command line terminal session after the command links, elinks, or lynx which are text only web 
browsers, they will prompt you for a file name that will save the torrent, be sure whatever name it saves 
as ends with .torrent so your bittorrent program will recognize it. She mentioned that it is often easier 
to visit a computer lab or library and use a big keyboard and screen to hunt down the torrents you 
want assuming there is not a surf-block program installed to stop torrent sites. Since public machines 
almost never have a 

SSH program installed she suggested a web based Java SSH program (Warning not for secure 
communications!!) to connect to your server and get the remote download started, try those: 


e http: //www.netspace.org/ssh/ 
e http: //www.gotossh.com/ 
e http: //www.nacs.uci.edu/support/sysadmin/ssh_info.html 


In a few hours or so she brings a power cable or battery pack for her PDA and visits a good WiFI 
hotspot that she can sit at for an hour or two, coffee shops work well for this. She then logs in and 
exits the finished torrent and uses mencoder or fímpg on the server side to shrink and convert the file 
to something her PDA will play back at a decent rate and download quickly. Here is an example of 
the Linux command string she uses, edit this for your own files and preferences, be sure to encode to a 
video codec that your player can read. 

mencoder exampleoriginalfile.mpg -ofps 15 -srate 24000 -oac mp3lame -lameopts cbr:br=32:vol=5:mode=3 
-ovc lave -lavcopts vcodec=mpeglvideo:vbitrate=96:vhq:keyint=300 -vop scale=160:120 -o examplefin- 
ishedfile.mpg 

or 

ffmpeg -i examplestartfile.avi -ab 56 -ar 22050 -b 500 -s 320x240 examplefinishedfile.mpg 

This conversion will not take more than ten to twenty minutes even on a slow server to convert a 
movie but you might want to start a "screen” session on your server and disconnect while the encoder 
is working to save battery pack power on your PDA. Tweak the bitrate settings, framerates, and size 
for better performance or quality. These examples encode using the mpeglvideo codec since this should 
work on even early PDA's but you might see better results with more modern devices like Ipods if you 
use mpeg4 instead. 

After this is all done she just uses a FTP program to grab the file to her PDA and once it is done 
watches it when she has time. To keep the less honest from seeing her PDA she starts the FTP program 
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and puts the PDA into her backpack under the table with a battery pack or solar cell plugged in since 
big WiFi file transfers use plenty of battery power. Be sure you have a good connection before you put 
the PDA in the pack or you might realize that the file never downloaded. 

She has another trick for TV shows such as news programs and some comedy, which she prefers to 
just strip out the the audio from the video files for listening to as a podcast during her bike commute 
she uses the following. 

ffmpeg -i originalfile.mp4 -vn -ac 1 newaudiofile.mp3 

If you want to something a bit different with codecs or other settings type man ffmpg or man 
mencoder to use the user manual program and see your options. 


Smart Phones 


If you have a smartphone equipped with WiFi but an expensive data plan you can send the commands 
to your server shell account over your cellular data connection. First download a free SSH program so 
you can connect to your server shell account. You will also need an FTP program unless your SSH 
program also allows secure downloads via SCP. Dont use your browser to search for torrents, instead 
log right into your server shell account and use links or lynx command line web browsers, they are 
all text and will save you on data costs. Once you have the text browser grab the .torrent file exit 
the text web browser and start the torrent over on your server account. MidpSSH is a Java powered 
SSH client program that will run on most mobile phones, even old ones that can run Java programs. 
http: //www.xk72.com/midpssh/ 

Once the torrent is complete you can also send the command to start the conversion from almost 
anywhere. Even though you are using a metered service you will probably waste less than a kilobyte 
when connected to your server shell account since it is all just command line text, don't forget to 
use screen and detach when you are done so you won't continue to get billed. When the torrent and 
conversion are done and you are ready to grab your media files; do like above and find a WiFi hotspot to 
download the files for free instead of getting charged some outrageous per Kilobyte rate by your cellular 
provider especially if you are using a prepaid data plan. You can make this work even if you don't have 
a smartphone, most mobile phones you find can still run Java programs so you can still install an SSH 
client and use the keypad just like texting to talk to your server account. You just need a WiFi data 
device like the laptop or PDA mentioned above or access to a computer connected to the net to grab 
your finished files and stick them on your USB drive or other data storage. 

Watch out for built-in "location-sensitive” or similar features if using a smartphone with GPS. This 
can pinpoint your location very well and broadcast it somewhere over the net. Always check if GPS is 
off before connecting and don’t mix navigation with activism on one connection. Also, MAC address 
can be your doom in harder cases - look for tools to change it. (this also may be important for laptops) 


Usenet and Listservs 


Usenet used to be a great way to spread and discuss information. Much like the abuse of the CB radio 
networks in the USA, the sheer weight of spam and flame wars drove most serious users out, excluding 
a few special interest groups. Usenet can still be useful, especially if you are able to filter through the 
garbage. The good stuff can be filtered from the bad stuff using email applications or webmail services 
that provide good filtering, sorting and viewing options. A well set-up inbox can be extremely helpful 
in getting to the information you really want to read. 

Note that free Usenet providers don’t support binaries parts of the Usenet. All of the providers log 
info, so it’s hard to send there without being linked. 

http://en. wikipedia.org /wiki/Usenet 
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Internet Phone Communication - VOIP (Voice over Internet 
Protocol) 


Skype (http7/www.skype.com/) is a "free” VOIP (Voice over Internet Protocol) service, but with 
proprietary communication protocol. The closed nature of the protocol make not possible to check the 
privacy level. If possible prefer free and open software like Ekiga http: //www.gnomemeeting.org / 


Instant Messaging Anywhere 


There are several instant messenger clients and services, most free for anyone to use. If you look 
around, you can even likely find one that will blast through your work or school firewall. Don't expect 
any IM's to be private, and understand that most services keep a log. 

Pidgin instant messenger is a free open source universal instant messenger, it runs yahoo, gtalk, icq, 
irc, aim, and other instant messenger services all in one program, plus you can get it in portable form 
so anywhere you can take your keychain USB drive. One of the most useful plugins for Pidgin is the 
OTR or Off The Record encryption plugin with OTR all Google or Yahoo get for their logs is a bunch 
of encrypted gibberish, if you use OTR you are reasonably safe as long as your communications partner 
or your computer are not compromised. 


Internet Relay Chat 


IRC is a communication protocol older than the web itself. You can create your own free channels 
(chat rooms), with the ability to operate it however you want, with a fair amount of customization. Very 
popular in the hacker community and a great way of organizing projects of all types over long distances. 
irc.freenode.net ( http7/freenode.net /) is the network dedicated for free/open-source software projects. 
Anonops’s server (http://anonops.net/) , irc.anonops.ru is used by hackivist group Anonymous to fight 
against injustices. Most networks will let you create channels of any type with virtually no moderation 
from the admins. 

IRC is a great way to keep in touch with friends from around the world. It is recommended that one 
uses a command line client such as irssi (http: //www.irssi.org/) inside the "window” application "screen 
over a ssh connection. This will keep you connected 24/7 as well as provide anonymity. One free shell 
server is Blinkenshell (http: //blinkenshell.org/wiki/Start) , hosted in Sweden. It costs nothing, but it 
may take a few days in their IRC channel to be trusted and vouched, and you need to donate a cent or 
send a text message in order to be activated. Blinkenshell also provides free webhosting. Another way 
IRC provides anonymity is through the service Hostserv, with which you can create custom hostnames, 
so others can't see your state/country /TP address. 

The irssi client is recommended for Linux, as are the GUI clients Xchat, Chatzilla, and Pidgin. 
Silverex ( http: //www.silverex.org/news/) (Xchat compiled for Windows for free) is recommended for 
Windows. Webclients include the very popular yet controversial Mibbit (http: //mibbit.com/) (banned 
from Freenode), Freenode's webclient (http: //webchat.freenode.net/) , and the still-in-beta subscription 
service IRCCloud (https: //irccloud.com/) . 


y) 


Free Webhosts 


As mentioned earlier, blinkenshell.org provides free, small webpages. Also available, although it has 
a very distrustful-looking URL, is byethost (http://byethost.com/free- hosting/news) . You feel dirty 
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setting it up, and you have to answer a captcha that doubles as an ad, but it appears legit and doesn't 
try to install malware or anything, and actually provides php. 


Random Free Goodies 


Reddit (http: //www.reddit.com/) will allow you to set up a free subreddit, which is similar to a 
forum and is a great way of organizing a project. 

Wikia (http: //www.wikia.org/) and Wikidot ( http: //www.wikidot.com/) both provide free wikis. 

Everyone knows this, but Youtube (http: //youtube.com/) T (owned by Google) provides free video 
hosting. 
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Web Radio Streaming 


Stream like the professionals do! Software and hardware for web-streaming is easy to obtain and easy 
to set up, with the hardware cheap, and the software free and open-source. Get yourself an older machine, 
and boot some sort of Linux/BSD operating system on it. Debian http://www.debian.org, Ubuntu http:/ 
/www.ubuntu.com are easy to set up GNU/Linux variants, and NetBSD http://www.netbsd.org is a 
portable BSD system. Install icecast http://www.icecast.org/ and rip/download some mp3s. Information 
on each of these OS and programs is available on their websites. 
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Network Printing 


While not really getting your message out ON the net, you can really get a radical message OVER 
the net to unsuspecting audiences. If you can make an exciting eye-catching flyer, people will recognize 
and grab your work. http://wiki.stealthiswiki.org/wiki/Internet-Communications 13/23 


You have to figure out how to get past firewalls from outside or even print at your own corpgov job 
without getting caught (or, print it on the day you are fired). Print servers are also often unpatched 
for security and become a great scan server to use in initiating attacks on the network. Another fun 
idea, if you figure out the printer admin access, is to upload a script on the day you quit that bank job 
that will regularly print radical messages, posters, or even this book until the IT department wipes or 
junks the printer or server. However, attacks which involve printing out all of the ink and paper are not 
usually warranted as we are not at war with the trees. 

Most schools offer computer labs and allow students to print a maximum number of pages a day. 
Use this to your advantage! Draw up some fliers, print them on 3x3 settings off of a school library or 
computer lab printer for (somewhat above) your maximum number of free pages. Doing this once a day, 
or whenever the advisors change shifts to get an unlimited supply of print jobs. 
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Connecting: 


Wi-Fi network 


Many neighbors have open wifi networks that were left in their default unlocked mode. This is either 
by accident or the owners wanted to give free access. Often times, the owner will not change the default 
password from “admin” to a better password, so you may be able to gain access to the network by using 
the “admin” password. Many of these admin” passwords can also be found online. Be a good nerd, and 
at most open ports or DMZ your machine, if you will be around for awhile. Don’t rudely lock someone 
out of their AP or change the SSID to 10053r, pOwn3d, or 1d10t. Something like that will likely make 
them secure the node, ruining a good open node. 


Wi-Finder 


Cheap Wi-Finders, keychain wifi detectors will help you quickly survey an area to see if you have a 
Wi-Fi node nearby, that way you can leave your lappy in the pack. A good idea is to waterproof and 
tape one to your bicycle handlebars or stick it under the sun shade of your bike helmet so you can see 
the LED's. 


Net&Buzz 


Most hipper local coffeehouses offer free WiFi and the signal often leaks out into the surrounding 
area. If you buy coffee there regularly, thank them so they keep it running. If you need Internet for 
a long stretch, go in after taking a bath and wearing clean clothes; that way they won’t kick you out. 
Plug in and buy a coffee or cake at least every hour and a half. Avoid squatting at high traffic times 
and most importantly of all, leave a tip! 


Cyber-Hobo Code 


Where there is open wireless to be had, why not let people know? Take a tip from Wall Painting and 
use our hobo code, )( the opposing half circles means open wireless node, while a closed circle means 
a closed network, chalk it on the curb. If you manage to crack the encryption on a closed network and 
get online leave the passphrase on the corner of the building near the ground. 


Where to Sit 


When out using free public wireless Internet, there is often a dearth of chairs. Many camping stores 
sell a light, inexpensive mini tripod stool which folds up into a 2/3 meter long bundle. You can strap 
this to your bike frame or pack for portability. 

Car Surfing 
Parking in an area with wifi is a popular way to get online if your Internet is disconnected, if you stay 


in a well lit area it helps hide the glow from your computer screen. Most netbook low-power computers 
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can use an inexpensive 12 volt car adapter saving the battery for later. Be careful in parking meter areas 
as the cops may ticket you if the meter expires even though you are in the driver seat. Net squatting 
for hours outside somebodies home after midnight just gets creepy, especially if you knock on the door 
and ask to plug in an extension cord. 


Cantenna, Antenna or Woktenna 


If you are able to detect a wireless access point but not connect, often a directional high gain antenna 
will get you a strong enough signal for full connectivity. You can build or buy these antennas. 

http://en.wikipedia.org/wiki/Cantenna 

If you can buy them, it is advisable, for durability sake, to spend the money for a 14dB or higher 
patch (flat) antenna and a quality tough antenna pigtail. Since these pigtails are fragile, a spare is 
advisable. Even if your laptop has built-in wireless, a high power removable wifi card that you can 
attach your antenna to will get you online in many densely populated environments where the built in 
antenna would normally fail. 

Another option of high gain antenna (13-15dB easily) with a fairly wide (60-70 degree) cone is the 
biquad, where there is a driver element made from two wire squares with 30.5mm side lengths. these are 
backed by a reflector, and the whole thing is affixed to a short coax line. [1] (http: //www.engadget.com/ 
2005/11/15/how-to-build-a-wifi-biquad- dish-antenna/) 

It is advisable to drive an antenna with a high power USB stick, Alfa manufactures them up to 2 
watts, and they can be had for around $25 on (the evil corporation!) amazon. The advantage of usb is 
the ability to use a usb extension cable to get your antenna to a good position. 

Another option is the so-called ”Wok-fi” antenna - which is often cheaper and more effective, at the 
expense of being bulkier and more fragile. 


e Wok-fi (http: / /www.usbwifi.orconhosting.net.nz/) 


Remember that you can use the directional antennas listed here to drive dishes, offering much 
better gain. With an old tv dish a few meters in diameter, connections have been made at line of sight 
distances of hundreds of kilometers. Why not use a smaller <1 meter dish to get a few extra kilometers 
of connection out of your wifi gear? 

You're anonymous, the internet is free, and you don't have to leave your squat. 


WEP/WPA 


WEP is an old encryption used on 802.11b wireless networks. It is easily cracked, and some business 
and government offices may have an older personal wifi access point installed in big exec offices so they 
can play on their mahogany paneled laptops. Any reasonable IT department would have implemented 
better security. 

Our hacks use a computer running Linux but there are also windows and Mac programs for this. 
Airsnort and Aircrack-ng can help you bust the WEP/WPA encryption: this software package comes 
as an downloadable option with most Linux distros. Sample some net traffic, then let Aircrack look for 
weak packets, unlocking the encryption key. If your are a MS-Windows user, booting up with Backtrack 
Linux, Knoppix STD or other security live distros will give you most of the security hacking tools you 
will need. 


e http: //www.backtrack-linux.org/downloads/ 


25 


e http: //www.knoppix-std.org/ 
e http: //www.remote-exploit.org/backtrack.html 


This gives you the ability to employ smear tactics against an individual or organization, imagine the 
reaction to the world discovering they're hosting a pedophiliac site from their ip? Also, with higher gain 
antennas (for example get ahold of an old satellite tv dish and drive it with a yagi or biquad antenna), 
you can connect to WEP protected networks at many kilometers and essentially have free internet which 
is essentially untraceable. 


Community Wireless Co-Op 


Many cities have community wifi co-ops which provide free internet and possibly other services from 
their access areas. These are great for anonymous surfing. Be sure to clear out all personal identifying 
settings and cookies from your browser and computer before you feel too secure and of course using 
TOR helps obscure what you are doing too. 

To start see if you have any local businesses that wouldn't mind hosting wireless internet for their 
customers. This can be as simple as installing a used wireless access point and opening it up to an AP 
with a custom Linux firmware on it so you can control bandwidth and other services. While there are 
companies who may give out free hardware and even Internet access to businesses willing to host their 
service we mostly avoid them since they are ad based services and who knows what information is being 
reported back to home base. 


Pirate Wireless 


An interesting spin on community wireless is if at work you find a live network cable and power port 
you can just plug in an old access point and make a pirate wireless hotspot, of course it would have 
to make the signal available somewhere useful to justify the expense, maybe a directional antenna to 
extend the range and some disguise is in order to keep it safe. Alternatively drill holes high on the wall 
to the outside for your wires and install a plastic waterproof electrical box outside where there would 
be no suspicion. Make everything look professional and seal all holes for moisture and it might last for 
years. 


Piggybacking Restricted WiFi Access 


How to piggyback WiFi at the airport, university, train station, or other restricted or paid wifi access 
area using a Linux machine and assuming there is an authorized user online. This works by cloning the 
WiFi card mac address of an authorized user and makes you both appear to be using the same laptop. 
Helpful information is in (parentheses) and is either a value or instruction everything else is Linux shell 
terminal commands. A little practical experience in networking will help you guess or calculate the 
netmask and gateway address. 


e 1. (type) tepdump -en 
e 2. (Carefully note Ip addresses and corresponding mac addresses that fly by) 


e 3. (type) ifconfig wlan0 hw ether macAddress 
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e 4. (type) ifconfig wlan0 ip netmask (the netmask for the IP address) 
e 5. (type) route add default gw (router ip address, router’s ip can usually be guessed from IP) 


e 6. (enjoy your free connectivity!) 


HTTP over DNS 


Many for pay commercial WiFi networks or crippled corporate networks still allow DNS queries. 
This opening can be exploited to allow tunnel access to a server and then out to the Internet. http:// 
thomer.com/howtos /nstx.html 


Cellular GPRS and 3G 


Mobile phone based Internet connections are quite expensive and have the added detriment of being 
fully traceable back to you within a few meters, like all mobile phone use. The upside is possible 
broadband, even in remote areas or while in transit. However, it drains battery life quickly, and will 
give you a very sub-par viewing experience. 


Mobile Acess Point 


Most of the Linux based routers have an internal serial port or two. It will be either 3.3v or 5v. This 
serial port is a great way to connect a whole campout or crash house to the internet, you will need to 
add PPPD to the firmware and set up the config files. Use the mobile phone to dial in or get GPRS 
access, as most unlocked mobile phones accept serial connections and almost all phones accept some 
Hayes AT commands, you could also cable connect to an older real(non-winmodem) modem this way if 
DSL is not an option. 

Add a battery pack or cigarette lighter adapter and you can even share Internet with a group 
traveling in several nearby cars, a train, or a bus. Some smartphones with Wi-Fi can either be hacked 
or you can install software to make your phone into a short range wireless Internet access point. 

Beware of the next cellular bill after your net party unless you have an unlimited data account. 


Bluetooth Sniping 


Bluetooth, just like Wi-Fi, uses 2.4 Ghz microwaves. This means Wi-Fi directional antennas and 
amplifiers can be soldered onto your Bluetooth dongles and cards. Using this technique, locked executive 
phone books can be obtained, bogus phone or sms messages can be sent, or GPRS internet connections 
can be established. http: //www.newscientist.com/article.ns?id=dn7461 
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Wired Ethernet 


Often, you can quietly plug a patch cable into the library network when nobody is looking, Know 
how to get past the often minimal security, and don’t abuse the sneak on. The library is our friend, not 
a thing to be abused. 


Subnet Sniffing 


Use of Linux "tcpdump” and watching the traffic will help you establish what subnet you are plugged 
into, even if there is no DHCP server to hand you an IP address. The “ifconfig” command will be used 
to set your IP address and subnet, "route” will be used to set your internet gateway. Windows users can 
use the GUI to add network a address and default gateway settings. 


DNS 


If you have to sneak onto a network without a DHCP server to give you an IP address, you may need 
to plug in your own DNS servers found in "network settings”. There are a few stable ones in locations 
all over the world. Either edit /etc/resolv.conf and add these addresses in Unix/Linux or change the 
Windows DNS settings in your network TCP/IP settings. If you are using a network you can add these 
server addresses there and it will pass on the DNS requests to the whole network. 

http: //wiki.stealthiswiki.org/wiki/Internet-Communications 17/23 


Other public DNS servers (without any filters): 


e 4.2.2.1 - 4.2.2.6 - Level3 DNS servers with Anycast (multiple locations) 


e 141.1.1.1 (cnsl.cw.net) - A Cabe & Wireless DNS-Server with Anycast (multiple locations) by 
Cable & Wireless Worldwide 


Public DNS servers from OpenDNS (blocks suspected malware, porn, and other sites - inserts landing 
pages on miss - not accountable): 


e 208.67.222.222 


e 208.67.220.220 


Public DNS servers from DNS Advantage (they may block malware sites - not accountable, no 
landing pages): 


e 156.154.70.1 (rdns1.ultradns.net) 

e 156.154.71.1 (rdns2.ultradns.net) 

e you can also use 156.154.70.22 and 156.154.71.22 which are advertised by Comodo 
Public DNS servers from DNSResolvers (without any filters): 

e 205.210.42.205 (cachel.dnsresolvers.com) 


e 64.68.200.200 (cache2.dnsresolvers.com) 
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Public DNS servers from Google (without any filters) (warning: Google doesn't tend to value user 
privacy very much...): 


e 8.8.8.8 
e 8.8.4.4 


Realize that whichever DNS service you using, one of these or the one from your ISP your page 
requests are logged, this should be obvious since your ISP also delivers the content, TOR can obfuscate 
this as long as your browser is set to route DNS requests through TOR, this must be set as default is 
to run DNS in the open even when running a proxy. It can also work as a DNS server on its own since 
version 0.2 regardless of web proxying, which is useful for working around some broken apps. 

You can also attempt to use ICANN root servers directly with a DNS server in proxy mode, e.g. 
bind (named), PowerDNS (pdnsd), MaraDNS, Posadis. Note they are blocked by some braindead ISPs. 


PPPoE and VPN 


Many ADSL providers use PPPoE or VPN to connect. 


Mac Address Spoofing 


Every network device has a unique ID called a MAC address. If you copy another machine’s mac 
address and use it on your computer, you may be able to obtain access on certain wireless or wired 
networks. Often there will be an authentication of some other type you must pass as well, but the MAC 
address is often an easy way to secure home networks. If you do get kicked from a network, try changing 
the network MAC address (MAC address has nothing to do with being a Macintosh or not), as this is 
how a machine is usualy banned from a network. MAC addresses are also used in wireless networks. 


McDonald’s Free Wifi 


Until recently McDonald’s Wifi was a pay as you go network, now at many (not all yet) McDonald’s 
you can freely access their Wifi network. 

Goto http://www.mcdonalds.com/us/en/services/free_ wifi.html to check out more info and search 
for available service. 

Most that have the McCafe have the free Wifi so look for that and you should be surfing. Be nice 
and at least buy your favorite beverage while you are logged in to the network. 


Dialup 


Free Dialup Services 
When a corporation gives” you internet, beware, as you will likely be forced to stare at ads on part 
of your screen. Worst-case-scenario, they have full access to your data. 


e New England http: //www.freedialup.org/site/ 
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e New York http: //www.metconnect.com/about.html 
e Western Washington http: //www.nocharge.com/connect.htm 


e USA http: //account.netzero.net /s/landing? group=freecorp&refed=cj&cf=cj& AID=10388574& PID=61738 


Netzero lets you have ten hours of dialup internet for free. This is an ad-supported service, which 
only works on either MS Windows or Linspire-Linux platforms. 


e Denver, Co http://www.nyx.net / 
e Toronto FreeNet http://www.torfree.net 


Nonprofit Unix shell and dialup access co-op, lots of 133t options for connect. 
If you are on the run and need to get online, see Free_ Telephones for tips on covertly connecting 
to phone lines. 
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Crypto: 


pgp and gpg 


PGP (pretty good privacy) and its younger open source cousin GPG (Gnu Privacy Guard) are 
simple programs that use a shared key and a private key to encrypt data and messages. Many programs 
have GPG. Inside one of the most useful is a clipboard helper where you paste your text into the box, 
hit the encrypt button, and your clipboard now has the encrypted message. There is really no end to 
the applications that can have GPG inside from VOIP phones to instant messengers. 


TOR Onion Servers 


Obfuscate the origin of your connection. This provides good privacy from end use sites, but not 
against telcos and some larger governments who have the ability to monitor end to end internet packet 
traffic in real time. (WRONG. It does provide some security if you go through at least one node outside 
monitoring. Only if you are specifically monitored and your destination too, there could be a link made, 
weak one - using timing analysis. - R) http://en.wikipedia.org/wiki/TorJanonymity network) 

If you find that the TOR network is suddenly not working be sure to check for an update in version 
at the http://torproject.org website. Some major Linux distros and other software packages may fall 
behind and not issue automatic updates if you have not set the updater to check the official TOR 
package sources. 

One often unused feature of the TOR network is the ability to host hidden servers. Once you have 
the software running you can visit .onion sites which are as difficult to trace as a web surfer running 
TOR. Visit http://l6nvgsqivhrunqvs.omon/ for a popular reliable hidden discussion forum while your 
TOR is turned, http: //eqt5g4fuenphqinx.onion/ is the official TOR core.onion site when it is up, here 
is where sites on the onion should be listed. Better yet set up your own hidden server. 

Make sure you secure your hidden server and web browser don't leak out identifying data. 


SSH encrypted shell access 


The standard secure way to connect for console or tunneled connections to most Unix/ 
Linux type servers. You can use SSH to tunnel or forward almost any service see http://soup- 
tonuts.sourceforge.net /sshtips.htm for more ideas. See http://www.openssh.com/ for the real thing or 
http: //www.chiark.greenend.org.uk/“sgtatham/putty/download.html for Putty the small Windows 
client which will happily run from your USB keychain drive. 

The following command you will start a Socks5 type proxy to forward all of your browsing to a 
remote server vial a remote tunnel: 

ssh -D 1420 user@server.com 

The -D means you want to have SSH make a Socks5 type proxy the number (1420 or whatever you 
like) is the port you want to connect it to. User is your username on a remote server and after the @ 
sign is the web address of your server, you will be asked for your password after connecting. 
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If you want to keep your browsing free of the IT department entirely also route your DNS requests 
through the Socks proxy, in Firefox type 

about:conf 

in the address bar and hit enter, you will be dropped into the manual config editing page of Firefox, 
scroll down to 

network.proxy.socks remote_ dns 

and toggle it to true (default is false) now got to Edit>Preferences>Connection Settings and click 
the Manual Proxy Configuration button, In the SOCKS Host add the address 127.0.0.1 and the port 
will be whatever you set after the - D (our example used 1420, choose something over 1000) be sure 
that SOCKS-5 is selected. Once TOR is set up and working install Torbutton in Firefox and add your 
port settings to make your switch quick as a mouse click. 

If your boss blocks port 22 (normal SSH port) you can be a sneak too and route through the almost 
always open SSL port (443). 


Disk encryption 


Unencrypted data can be the revolutionary’s doom. If it’s likely your machine can be seized (there 
always is), the only way to protect yourself is to encrypt the data. Note that in some jurisdictions and 
esp. if you get slapped with Patriot Act, not divulging a key may be a crime or be prelude to torture. 
Always have a kill switch. Make sure the machine is never seized on or freshly off - disconnect power 
for at least a minute to reduce chances of password recovery from RAM. 


You can use one of the following systems: 


e TrueCrypt/RealCrypt (http7/truecrypt.org/) - Similar to dm- crypt, slightly less widely used. 
Supports "double-floor” encryption, where you can have multiple partitions under different keys 
in one place - great to fool that torture part. Just don't give even fake key too easily. 


e EcryptFS - Linux, Supported by Ubuntu, per-file encryption. Hides file names in new versions too. 
Since it's per-file, you can send encrypted data easily or store it remote. 


e dm-crypt for Linux and Free OTFE (http://www.freeotfe.org/) for Windows - these are standard 
disk/partition encryption systems. No special features. 
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Network Stealth 


Disguise Your Gear 


If you have secretly left a server in an office or other secure location, maybe an inside job, using 
their bandwidth broadcasting your radical news it must look like it belongs there. A nice clean modern 
case can often be found that will match the equipment where you are making the setup. Other options 
may be to to hide the server above ceiling tiles or placing a very small mini-ITX or other single board 
type machines double side taped under or behind a desk or cubicle partition. Hunting these down will 
drive IT nuts if they even ever figure out where all of their bandwidth is going. see Infiltrating for more 
ideas 
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Covert Server 


Shell Accounts Game 


Acquire shell access to as many servers as possible to be able to SSH over borders and obscure the 
point of origin while on the internet. This can be quite useful: 


e once you have a shell account, use it to proxify your web use. The web requests will look like they 
came form the server and not you. See SSH encrypted shell access above for details. 


Wi-Fi and DMZ - A router to put your box on the net 


Many home DSL lines have the Wi-Fi router unconfigured. Use the default password to take control 
and DMZ your machine. You are now live on the internet and can direct your domain name to this IP 
address for small scale web presence. 


Dynamic DNS 


There are now many dynamic DNS and DNS forwarding services available for free. Using these 
services you can direst web traffic from a domain name to your constantly changing DSL line IP 
address, some services also will redirect to an unblocked network port if your ISP blocks port 80. Many 
home network routers will automatically update your dynamic DNS provider, if your router does not 
support these updates there are many update programs that run on Windows, Mac, and Unix/Linux. 


Generic Owned Box plugged into an Open Network 
Any old computer plugged into a DSL line or office network and allowed to have an IP address on 


the internet can be a hidden server. Your server can be used to store files, serve a website, or even 
remotely browse the net, obscuring your location. 


Arousing Suspicion 


An encrypted transmission will generate suspicion on the internet. Always assume your data is being 
sniffed and act accordingly. 
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Anonymous Surfing 


There are services that allow web surfing by-proxy which leave behind no trail of your visited 
websites on the computer. Great for sneaking past work or school snoops, but the Feds might be able 
to watch these networks. These proxies slow down your connection speed a bit, and may interfere with 
downloading, but for security, it’s worth it. However, the fact that you've been on a proxy site for two 
hours may attract suspicion. 


e Anonymouse - http: //anonymouse.org/ 


e Guardster - http: //www.guardster.com/ (Free low-level service, but won't work on encrypted SSL 
sites) 


e Shadowsurf - http://www.shadowsurf.com/ 


e Proxify - http: / /proxify.com/ 


Off By One 


A simple and free Non-Java web browser for Windows that fits on a CD or flash drive, but doesn’t 
require installation onto the hard drive for use. It's only 1.2 MB and can be compressed down to about 
460KB for distribution. When the disc is removed, all browser information goes with it. The page and 
image caches are memory-resident and utilize no disk storage, so after each session, any “cookies” simply 
vanish. The drawbacks to its small size is that it doesn’t support JavaScript, applets, plug-ins or Flash. 


e http: //offbyone.com /offbyone/ 


Mozilla Firefox - Portable Edition 


A 25 MB version of the web-browser that can travel with you on your clip flash drive (along with 
your bookmarks and cookies that won't be on the computer you're using). Runs on Windows or Wine 
on Linux/UNIX. 

e http: //portableapps.com/apps/internet/firefox portable 


Visit http: //www.torproject.org/torbrowser/index.html.en for the TOR browser and instant mes- 
senger pack. All open source and it fits on your USB drive. 
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Links 


Humorous and/or useful page of further links on this topic: 


Free Internet tools for tin foil hat wearers: Good annotated links to all kinds of anonymizers, 
Mapping, spying and so on. 


http: / /www.great-isp-deals.com/blog/2008/08 /50-free-internet-tools-for-tin-foil-hat-wearers / 


Adeona is an open source cross platform application that will help you or the person you liberated 
the laptop from locate it again. Yes, it's the one that allows you to take pictures of the current 
custodian of the laptop in question as well (plus instructions for wiping it). 


http: //adeona.cs.washington.edu/ 
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